From 20e68b30f08e0e0eae691dcf541968e344efdaae Mon Sep 17 00:00:00 2001 From: Maksim Pechnikov Date: Tue, 14 Jul 2020 07:31:21 +0300 Subject: added generated `pleroma.env` --- installation/pleroma.service | 2 ++ 1 file changed, 2 insertions(+) (limited to 'installation') diff --git a/installation/pleroma.service b/installation/pleroma.service index 5dcbc1387..ee00a3b7a 100644 --- a/installation/pleroma.service +++ b/installation/pleroma.service @@ -17,6 +17,8 @@ Environment="MIX_ENV=prod" Environment="HOME=/var/lib/pleroma" ; Path to the folder containing the Pleroma installation. WorkingDirectory=/opt/pleroma +; Path to the environment file. the file contains RELEASE_COOKIE and etc +EnvironmentFile=/opt/pleroma/config/pleroma.env ; Path to the Mix binary. ExecStart=/usr/bin/mix phx.server -- cgit v1.2.3 From 14054cd004d91e89644c31d61b08d50ff0df09dd Mon Sep 17 00:00:00 2001 From: Maksim Pechnikov Date: Thu, 16 Jul 2020 08:52:14 +0300 Subject: update task messages --- installation/init.d/pleroma | 1 + 1 file changed, 1 insertion(+) (limited to 'installation') diff --git a/installation/init.d/pleroma b/installation/init.d/pleroma index 384536f7e..e908cda1b 100755 --- a/installation/init.d/pleroma +++ b/installation/init.d/pleroma @@ -8,6 +8,7 @@ pidfile="/var/run/pleroma.pid" directory=/opt/pleroma healthcheck_delay=60 healthcheck_timer=30 +export $(cat /opt/pleroma/config/pleroma.env) : ${pleroma_port:-4000} -- cgit v1.2.3 From e7b0840b88838f9e14bd2b09060d89c4a656966c Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 23 Oct 2020 15:32:32 -0500 Subject: NoNewPrivileges breaks ability to send email via sendmail because it restricts ability to run setuid/setgid binaries --- installation/pleroma.service | 2 -- 1 file changed, 2 deletions(-) (limited to 'installation') diff --git a/installation/pleroma.service b/installation/pleroma.service index ee00a3b7a..63e83ed6e 100644 --- a/installation/pleroma.service +++ b/installation/pleroma.service @@ -31,8 +31,6 @@ ProtectHome=true ProtectSystem=full ; Sets up a new /dev mount for the process and only adds API pseudo devices like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled by default because it may not work on devices like the Raspberry Pi. PrivateDevices=false -; Ensures that the service process and all its children can never gain new privileges through execve(). -NoNewPrivileges=true ; Drops the sysadmin capability from the daemon. CapabilityBoundingSet=~CAP_SYS_ADMIN -- cgit v1.2.3 From cc45c69fff515cb82c4902b67c8edce6b109c819 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sat, 7 Nov 2020 22:09:28 +0300 Subject: Remove release_env While taking a final look at instance.gen before releasing I noticed that the release_env task outputs messages in broken english. Upon further inspection it seems to have even more severe issues which, in my opinion, warrant it's at least temporary removal: - We do not explain what it actually does, anywhere. Neither the task docs nor instance.gen, nor installation instructions. - It does not respect FHS on OTP releases (uses /opt/pleroma/config even though we store the config in /etc/pleroma/config.exs). - It doesn't work on OTP releases, which is the main reason it exists. Neither systemd nor openrc service files for OTP include it. - It is not mentioned in install guides other than the ones for Debian and OTP releases. --- installation/init.d/pleroma | 1 - installation/pleroma.service | 2 -- 2 files changed, 3 deletions(-) (limited to 'installation') diff --git a/installation/init.d/pleroma b/installation/init.d/pleroma index e908cda1b..384536f7e 100755 --- a/installation/init.d/pleroma +++ b/installation/init.d/pleroma @@ -8,7 +8,6 @@ pidfile="/var/run/pleroma.pid" directory=/opt/pleroma healthcheck_delay=60 healthcheck_timer=30 -export $(cat /opt/pleroma/config/pleroma.env) : ${pleroma_port:-4000} diff --git a/installation/pleroma.service b/installation/pleroma.service index 63e83ed6e..8338228d8 100644 --- a/installation/pleroma.service +++ b/installation/pleroma.service @@ -17,8 +17,6 @@ Environment="MIX_ENV=prod" Environment="HOME=/var/lib/pleroma" ; Path to the folder containing the Pleroma installation. WorkingDirectory=/opt/pleroma -; Path to the environment file. the file contains RELEASE_COOKIE and etc -EnvironmentFile=/opt/pleroma/config/pleroma.env ; Path to the Mix binary. ExecStart=/usr/bin/mix phx.server -- cgit v1.2.3